CVE-2019-18218 number is incorrect in main/file/APKBUILD
When CVE-2019-18218 was fixed in #10911 (closed) the CVE number added in
main/file/APKBUILD is wrong by a digit (9 instead of 8):
# secfixes: +# 5.36-r1: +# - CVE-2019-19218 # 5.36-r0: # - CVE-2019-8904 # - CVE-2019-8905
CVE-2019-19218 does not exist.
This is bad because those are used to create automated vulnerability databases like alpine-secdb and vuln-list which alert users to a nonexistent CVE. We found it because Clair started flagging our alpine containers as having this CVE which we couldn't find in the CVE database.